If you google you'll find the answer Applet Security or Applet Sandbox.
Its a long long time since I used Applets... they not my favorite technology.
But (from memory) essentially if you dont want to get a verisign cert, they can only talk to the server they come from.
So saving to the user PC or reading files... no.
Loading an Applet from one site, another from another site, and using a little
java script between them... I think is also a no.
Applets have massive security walls around them.
I wish they put a big sign at the top of Applet tutorials... YOU WILL PROBABLY HAVE TO PAY TO USE IT
Sucks... but they have to do it.